security: force lodash-es 4.18.0 for transitive dependencies

[auriti]

Summary

Forces all copies of lodash-es (including transitive) to 4.18.0 via the overrides field in package.json, resolving the remaining HIGH severity vulnerability.

Problem

PR #225 bumped the direct lodash-es dependency to 4.18.0, but @anthropic-ai/sandbox-runtime@0.0.46 declares "lodash-es": "^4.17.23" — Bun resolved this to a separate copy at 4.17.23 in the lockfile. The vulnerable transitive copy remained:

@anthropic-ai/sandbox-runtime/lodash-es → lodash-es@4.17.23  ← VULNERABLE

Vulnerabilities:

• HIGH: Code Injection via _.template imports key names (GHSA-r5fr-rjxr-66jc)
• MODERATE: Prototype Pollution via _.unset/_.omit (GHSA-f23m-r3pf-42rh)

Fix

"overrides": {
  "lodash-es": "4.18.0"
}

This forces Bun to resolve ALL lodash-es ranges (including ^4.17.23 from sandbox-runtime) to 4.18.0.

Verification

$ bun audit
No vulnerabilities found

Test plan

• bun audit — zero vulnerabilities
• bun test — 13 pass
• bun install — clean install with override applied

[auriti]

Updated: bumped to 4.18.1 instead of 4.18.0.

4.18.0 is deprecated by the lodash maintainer (npm view lodash-es@4.18.0 deprecated → "Bad release"). 4.18.1 is the latest non-deprecated release that patches the CVEs. Both the direct dependency and the override now point to 4.18.1. bun audit reports zero vulnerabilities.

[gnanam1990]

Clean fix — this completes what PR #225 started. The transitive lodash-es@4.17.23 copy from @anthropic-ai/sandbox-runtime is correctly pinned via overrides and the lockfile confirms it's gone. bun audit
clean, tests passing. Ready to merge.